8 Replies Latest reply on Jul 5, 2018 1:51 AM by Abhishek Singh

    Sync the RSSOs

    Mina Horiuchi

      Hi there,

       

      I am trying to sync repository's RSSO and cdp's RSSO.

      following this documentation i am trying to sync those RSSO.

      https://docs.bmc.com/docs/AtriumOrchestratorPlatform/80/configuring-a-fail-safe-enterprise-service-bus-after-upgrade-677083756.html

       

      My query is i always fail when i do the command.

       

      tools\runAuthTool.bat --syncRsso --srcRssoUrl https://*****:28080 --srcRssoUser Admin --srcRssoPassword pass:Password --srcRssoRealm BAOLocal --dstRssoUrl https://*****:38080 --dstRssoUser Admin --dstRssoPassword pass:Password

       

      Error message is "Cant find this path"

       

      I am thinking it seems like i need to create a bat file...?

      But what is inside of the bat file..

       

      Kind Regards,

      Mina

       

       

      UPDATE

       

      Error changed. Does anyone know what do i need to do ?

       

       

      The command :

       

      tools\runAuthTool.bat --syncRsso --srcRssoUrl https://*****.*****.**.**:28080 --srcRssoUser Admin --srcRssoPassword pass:RSSO#Admin# --srcRssoRealm BAOLocal --dstRssoUrl https://*****.*****.**.**:38080 --dstRssoUser Admin --dstRssoPassword pass:RSSO#Admin#

       

       

      Response of command prompt.

       

      Running 'C:\Program Files\BMC Software\BAO\REPO\tools\AuthTool.jar' ...

       

      Error logging in to RSSO (https://niscom-bao04.niscom.co.jp:28080/rsso/config/login) as 'Admin': java.net.ConnectException: Connection refused: connect

      ERROR AuthTool - Error logging in to RSSO (https://niscom-bao04.niscom.co.jp:28080/rsso/config/login) as 'Admin': java.net.ConnectException: Connection refused:

      connect

      com.bmc.ao.authlauncher.FailedOperationException: Error logging in to RSSO (https://niscom-bao04.niscom.co.jp:28080/rsso/config/login) as 'Admin':java.net.ConnectException: Connection refused: connect

              at com.bmc.ao.authlauncher.impl.SyncRssoSupport.loginInternal(SyncRssoSupport.java:256)

              at com.bmc.ao.authlauncher.impl.SyncRssoSupport.sourceLogin(SyncRssoSupport.java:183)

              at com.bmc.ao.authlauncher.impl.SyncRssoSupport.performSync(SyncRssoSupport.java:367)

              at com.bmc.ao.authlauncher.impl.AuthToolLauncherImpl.syncRsso(AuthToolLauncherImpl.java:1293)

              at com.bmc.ao.authlauncher.impl.AuthToolLauncherImpl.execute(AuthToolLauncherImpl.java:133)

              at com.bmc.ao.authtool.AuthTool.execute(AuthTool.java:1032)

              at com.bmc.ao.authtool.AuthTool.main(AuthTool.java:232)

      Caused by: java.net.ConnectException: Connection refused: connect

              at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)

              at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)

              at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)

              at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)

              at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)

              at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)

              at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)

              at java.net.Socket.connect(Socket.java:589)

              at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:673)

              at sun.net.NetworkClient.doConnect(NetworkClient.java:175)

              at sun.net.www.http.HttpClient.openServer(HttpClient.java:463)

              at sun.net.www.http.HttpClient.openServer(HttpClient.java:558)

              at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264)

              at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367)

              at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191)

              at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)

              at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)

              at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177)

              at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)

              at com.bmc.ao.authlauncher.impl.SyncRssoSupport.loginInternal(SyncRssoSupport.java:228)

              ... 6 more

       

       

      update

       

      I checked the .bat file that BAO already have. the file was 0 byte. is it normal behavior?

       

        • 1. Re: Sync the RSSOs
          Aryan Anantwar

          Hi Mina,

           

          Did you confirmed that, from the box you are running this command - you can access both RSSO URLs/Servers on mentioned RSSO ports?

          Error seems to be a connection issue.

           

          Regards,

          Aryan Anantwar

          • 2. Re: Sync the RSSOs
            Mina Horiuchi

            Hi Aryan,

             

            Thanks for your reply.

             

            Yes I think so. I have vao8.0 on this environment and from here, i am doing that command.

             

            *I do not have an HA-CDP installed.

             

             

            My envirnment

            [ This is Repository's RSSO.]

             

             

             

             

            [ This is RSSO of Cdp.]

             

            [Running command]

             

            C:\Program Files\BMC Software\BAO\CDP>tools\runAuthTool.bat --syncRsso --srcRssoUrl https://10.0.10.10:28080 --srcRssoUser Admin --srcRssoPassword pass:RSSO#Admin# --srcRssoRealm BAOLocal --dstRssoUrl https://10.0.10.10:38080 --dstRssoUserAdmin --dstRssoPassword pass:RSSO#Admin#

             

            [Response]

             

            Running 'C:\Program Files\BMC Software\BAO\CDP\tools\AuthTool.jar' ...

             

            Error logging in to RSSO (https://10.0.10.10:28080/rsso/config/login) as 'Admin'

            : javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:

            No subject alternative names present

            ERROR AuthTool - Error logging in to RSSO (https://10.0.10.10:28080/rsso/config/login) as 'Admin': javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names presentcom.bmc.ao.authlauncher.FailedOperationException: Error logging in to RSSO (https://10.0.10.10:28080/rsso/config/login) as 'Admin': javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative names present

                    at com.bmc.ao.authlauncher.impl.SyncRssoSupport.loginInternal(SyncRssoSupport.java:256)

                    at com.bmc.ao.authlauncher.impl.SyncRssoSupport.sourceLogin(SyncRssoSupport.java:183)

                    at com.bmc.ao.authlauncher.impl.SyncRssoSupport.performSync(SyncRssoSupport.java:367)

                    at com.bmc.ao.authlauncher.impl.AuthToolLauncherImpl.syncRsso(AuthToolLauncherImpl.java:1293)

                    at com.bmc.ao.authlauncher.impl.AuthToolLauncherImpl.execute(AuthToolLauncherImpl.java:133)

                    at com.bmc.ao.authtool.AuthTool.execute(AuthTool.java:1032)

                    at com.bmc.ao.authtool.AuthTool.main(AuthTool.java:232)

            Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateEx

            ception: No subject alternative names present

                    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)

                    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959)

                    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)

                    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)

                    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)

                    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)

                    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)

                    at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)

                    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)

                    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)

                    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)

                    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)

                    at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)

                    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect

            (AbstractDelegateHttpsURLConnection.java:185)

                    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)

                    at com.bmc.ao.authlauncher.impl.SyncRssoSupport.loginInternal(SyncRssoSupport.java:228)

                    ... 6 more

            Caused by: java.security.cert.CertificateException: No subject alternative names present

                    at sun.security.util.HostnameChecker.matchIP(HostnameChecker.java:145)

                    at sun.security.util.HostnameChecker.match(HostnameChecker.java:94)

                    at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)

                    at sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(SSLContextImpl.java:1019)

                    at sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(SSLContextImpl.java:986)

                    at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)

                    ... 17 more

             

            Kind Regards,

            Mina

            • 3. Re: Sync the RSSOs
              Aryan Anantwar

              Do not use IP addresses for RSSO URLs in your command.

              Use only FQDN's.

              1 of 1 people found this helpful
              • 4. Re: Sync the RSSOs
                Mina Horiuchi

                Aryan,

                 

                Thanks for reply. I saw the video of how to sync the RSSOs.

                Installing BMC Atrium Orchestrator-7.9.01 on Windows - Part6 - YouTube

                 

                By watching the video, i understood that i do not need to execute the command.

                Just need to edit the files.

                 

                I confirmed that i already was able to sync my RSSOs.

                I think the documentation is including un-needed steps.. ?

                 

                Could you see this documentation?

                On the bottom of the documentation there is a step of【Synchronizing two embedded SSO instances】which i was stuck.. and do not need to do..

                 

                Configuring a fail-safe enterprise service bus after upgrade - Documentation for BMC Atrium Orchestrator Platform 8.0 - …

                 

                Do you know what is this 【Synchronizing two embedded SSO instances】for ..?

                • 5. Re: Sync the RSSOs
                  Aryan Anantwar

                  Hi Mina,

                   

                  as per documentation it looks like the step of【Synchronizing two embedded SSO instances】is for synchronising the data of two embedded RSSO instances.

                  • If you install a primary CDP, you can use the migration tool to synchronize the repository's embedded SSO data (the source) with the new CDP's embedded SSO (the destination).

                   

                  not sure why it didn't worked for you and also if it is not required then why it is there in docs?

                   

                  Regards,

                  Aryan Anantwar

                  1 of 1 people found this helpful
                  • 6. Re: Sync the RSSOs
                    Mina Horiuchi

                    Ayran,

                    I finally understood the purpose of the command... it was for sync user and group that already created before sync by edit the server files.

                    Thanks for your advices. I appreciate it!

                    • 8. Re: Sync the RSSOs
                      Abhishek Singh

                      You are correct. Documentation will be updated.